ACAS Review Assessment Questions
and Complete Solutions Graded A+
Components of an Active Vulnerability Scan consist of: A policy, credentials, scan zone, schedule,
________, and _________. - Answer: Repository and Target List
______ are administrative level usernames and passwords used in authenticated scans? - Answer:
Credentials
True/False: You can associate multiple credentials with a single scan - Answer: True
Networks using DHCP require what Active Scan setting be enabled to properly track hosts - Answer:
Track hosts which have been issued new IP addresses
Which type of scan obtains information by authenticating to the host access resources not available over
the network - Answer: Credentialed
True/False: You may only select one import repository per scan - Answer: True
True/False: Once a scan is running, you cannot pause or stop it until it is completed - Answer: False
Which Port Scanning Range option tells the scanner to scan only common ports? - Answer: Default
In a low-bandwidth environment, which options might you adjust to try to improve scanning
performance? - Answer: Max Simultaneous Checks Per Host and Max Simultaneous Hosts Per Scan
What is the function of Performance Options in the Scan Policy? - Answer: Determines the impact of a
scan related to scan times and network behavior
You can configures the targets for you Blackout Window to include... - Answer: All Systems, Assets, IPs,
Mixed
, Which Scan Policy types allows you to select Plugin Families you want? - Answer: Custom Advanced Scan
What is an organization? - Answer: A group of individuals who are responsible for a set of common
assets
What is a scan zone? - Answer: A defined static range of IP addresses with an associated Nessus scanner
What is the maximum size of a SecurityCenter 5 Repository? - Answer: 32GB
True/False: The IP addresses you are scanning must be contained in both the definition of the scan zone
and the definition of the repository - Answer: True
What SecurityCenter Role is responsible for setting scan zones? - Answer: Admin
How can you get your SecurityCenter Plugin updates? - Answer: Automatically from DISA's plugin server
or Manually from the DoD Patch Repository
True/False: The SecurityCenter Plugins menu displays a list of script files used by Nessus and PVS
scanners to collect and interpret vulnerability, compliance, and configuration data. - Answer: True
Which options can you consider for scanning stand-alone networks. - Answer: Install both Nessus and
SecurityCenter on a Linux Laptop using Kickstart or in a virtual machine on a Windows 7 laptop. Also,
you may Detach a Nessus scanner from its SecurityCenter for scanning purposed and then reattach to
SecurityCenter to upload scan results
Which page loads by default when you log in to SecurityCenter? - Answer: Dashboard
Which of the pages show the date and time of the most recent plugin updates? - Answer: Feeds or
Plugins
Which page allows you to set your local time zone - Answer: Profile
and Complete Solutions Graded A+
Components of an Active Vulnerability Scan consist of: A policy, credentials, scan zone, schedule,
________, and _________. - Answer: Repository and Target List
______ are administrative level usernames and passwords used in authenticated scans? - Answer:
Credentials
True/False: You can associate multiple credentials with a single scan - Answer: True
Networks using DHCP require what Active Scan setting be enabled to properly track hosts - Answer:
Track hosts which have been issued new IP addresses
Which type of scan obtains information by authenticating to the host access resources not available over
the network - Answer: Credentialed
True/False: You may only select one import repository per scan - Answer: True
True/False: Once a scan is running, you cannot pause or stop it until it is completed - Answer: False
Which Port Scanning Range option tells the scanner to scan only common ports? - Answer: Default
In a low-bandwidth environment, which options might you adjust to try to improve scanning
performance? - Answer: Max Simultaneous Checks Per Host and Max Simultaneous Hosts Per Scan
What is the function of Performance Options in the Scan Policy? - Answer: Determines the impact of a
scan related to scan times and network behavior
You can configures the targets for you Blackout Window to include... - Answer: All Systems, Assets, IPs,
Mixed
, Which Scan Policy types allows you to select Plugin Families you want? - Answer: Custom Advanced Scan
What is an organization? - Answer: A group of individuals who are responsible for a set of common
assets
What is a scan zone? - Answer: A defined static range of IP addresses with an associated Nessus scanner
What is the maximum size of a SecurityCenter 5 Repository? - Answer: 32GB
True/False: The IP addresses you are scanning must be contained in both the definition of the scan zone
and the definition of the repository - Answer: True
What SecurityCenter Role is responsible for setting scan zones? - Answer: Admin
How can you get your SecurityCenter Plugin updates? - Answer: Automatically from DISA's plugin server
or Manually from the DoD Patch Repository
True/False: The SecurityCenter Plugins menu displays a list of script files used by Nessus and PVS
scanners to collect and interpret vulnerability, compliance, and configuration data. - Answer: True
Which options can you consider for scanning stand-alone networks. - Answer: Install both Nessus and
SecurityCenter on a Linux Laptop using Kickstart or in a virtual machine on a Windows 7 laptop. Also,
you may Detach a Nessus scanner from its SecurityCenter for scanning purposed and then reattach to
SecurityCenter to upload scan results
Which page loads by default when you log in to SecurityCenter? - Answer: Dashboard
Which of the pages show the date and time of the most recent plugin updates? - Answer: Feeds or
Plugins
Which page allows you to set your local time zone - Answer: Profile
